Senior Technology Governance Analyst

• Develop/implement policies, procedures and standards (PSP) that are related to Change Management, System Development Life Cycle, Access Controls, and other key IT related areas. On a periodic basis, facilitate with the Standard Review Board to ensure all PSPs are renewed and changes are reflected.
• Work closely with the Director of Technology Governance as a team of two for the design and implementation of the central Identity Access Management (IAM) process and systems.
• Identity/Create Cloud security framework and processes for the Technology Team and implement periodic assessment as part of the 1st line of defense to identify control gaps and assist with remediation prior to the 2nd and 3rd line of defense exam.
• Support and work with key stakeholders to bring the technology environment into a central access provisioning process and streamline the approval workflows.
• Liaise with audit, technology area leaders to identify key areas of improvement, draft audit management response/action plan.
• Assist the technology team to implement those key action plans to remediate any audit related findings.
• Identity IT control gaps and create/implement key controls for the technology organization.
• Provide key project support, include but not limited to support implementation progress, issues and resolve them in a timely manner.
• Support and lead special technology governance projects as needed.
• Identify potential need and provide project support including monitoring implementation progress and helping to manage and resolve risks and issues.
• Manage/Support periodic user access review.
• As a key member of the Change Advisory Board (CAB) and attend the change review meetings as well as ensure all follow-up actions from the review meeting are addressed prior to change is being approved.

• Minimum of 12-15 years of work experience in governance, audit, compliance, risk, and / or security.
• Bachelor’s or Master’s degree in computer science or related field; CISA, CISM or similar certification required.
• High-level knowledge of IT risk across applications, infrastructure and data.
• Extensive knowledge of technology controls in various IT environments, especially in the cloud environment.
• Experience implementing review and approval processes within a Secure Software Development Lifecycle (SSDLC), including use of modern fully integrated and automated processes within the CI/CD pipeline.
• Ability to effectively communicate and obtain buy-in at all levels of the organization and with internal stakeholders across the business.
• Working familiarity with Agile product management methodologies such as Scrum/Kanban.
• High attention to detail and quality, while balancing both practicality and value-creation.
• Excellent verbal and written communication skills.
• Strong understanding of Legal, Risk, Compliance, and Cybersecurity concerns.
• Previous experience of working with Internal Audit on drafting management response and close audit findings.
• Strong relationship building, organization, and critical thinking skills.
• Attention to details and ability to multi-tasking.

Company Overview:
Founded in 2001, Geode is headquartered in Boston’s financial district, the center of one of the world’s most vibrant finance and technology hubs and employs approximately 180 employees.

Geode is an institutional asset manager providing core beta exposures across a range of equity and niche asset classes, with over $1 trillion in AUM. With a robust infrastructure and experienced investment professionals, Geode offers the scale of a large asset management firm with the benefits of a smaller organization.

Geode is proud to be an equal opportunity employer and support a diversified work environment. Learn more about Geode at www.geodecapital.com/careers.